all repos — infra @ e398bee7a25875f41bc68a450b9da6f0ffd805b8

infrastructure manifests and setup notes

apps/vaultwarden/ingress.yaml (view raw)

 1
 2
 3
 4
 5
 6
 7
 8
 9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    ingress.kubernetes.io/rewrite-target: /
    ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/configuration-snippet: |
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      more_set_headers "Request-Id: $req_id";
    nginx.ingress.kubernetes.io/connection-proxy-header: keep-alive
    nginx.ingress.kubernetes.io/enable-cors: "true"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    nginx.ingress.kubernetes.io/limit-connections: "25"
    nginx.ingress.kubernetes.io/limit-rps: "15"
    nginx.ingress.kubernetes.io/proxy-body-size: 1024m
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "10"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
  labels:
    app.kubernetes.io/component: vaultwarden
    app.kubernetes.io/instance: vaultwarden
    app.kubernetes.io/name: vaultwarden
  name: pass.koti.lan
  namespace: default
spec:
  ingressClassName: nginx
  rules:
    - host: pass.koti.lan
      http:
        paths:
          - backend:
              service:
                name: vaultwarden
                port:
                  name: http
            path: /
            pathType: Prefix
  tls:
    - hosts:
        - pass.koti.lan
      secretName: pass-koti-lan